zvec
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation provides instructions to install the
zveclibrary from official package registries (PyPI and NPM) and references source code hosted in the Alibaba organization's GitHub repository. - [COMMAND_EXECUTION]: Includes examples for database lifecycle management, such as creating collection directories on the local filesystem and performing irreversible deletions of data folders via the
destroy()method. - [REMOTE_CODE_EXECUTION]: Mentions embedding and reranking functions that download pre-trained model weights from established community registries like HuggingFace or ModelScope upon initial execution.
- [CREDENTIALS_UNSAFE]: Security best practices are followed by using descriptive placeholders (e.g., 'your-openai-api-key') in configuration examples instead of hardcoded credentials.
- [SAFE]: The skill facilitates the use of a legitimate vector database tool, with all external references targeting well-known technology organizations and official service endpoints.
Audit Metadata